I often find myself needing to protect sensitive data, and usually turn to OpenSSL for help. OpenSSL support a plethora of symmetric key encryption algorithms (AES, DES3, Blowfish, RC4), and comes with a variety of Operating Systems. To encrypt a file named private, we can pass one of the available symmetric key algorithms to OpenSSL:
$ openssl aes-256-ecb -in private -out private.aes256
enter aes-256-ecb encryption password:
Verifying - enter aes-256-ecb encryption password:
$ ls private
private private.aes256
To decrypt the file private.aes256, the symmetric key algorithm and decryption option can be passed to OpenSSL:
$ openssl aes-256-ecb -d -in private.aes256 | tail -5
enter aes-256-ecb decryption password:
pop 109/tcp
pop3 110/tcp
imap 143/tcp
imaps 993/tcp
pop3s 995/tcp
As you can see, private wasn’t so private after all :) You can get a full list of available symmetric key ciphers by appending the help flag to openssl. If you are interesting in learning about more practical uses for OpenSSL, check out my article Real World Uses For OpenSSL.